CVE-2019-1740

HIGH

Cisco IOS XE - Unauthenticated Denial of Service via NBAR DNS Packet Parsing

Title source: llm

Description

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a parsing issue on DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through routers that are running an affected version and have NBAR enabled. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

References (2)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107597

Scores

CVSS v3 8.6
EPSS 0.0219
EPSS Percentile 80.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (50)
cisco/ios 15.3\(3\)jd
cisco/ios 15.3\(3\)jd2
cisco/ios 15.3\(3\)jd3
cisco/ios 15.3\(3\)jd4
cisco/ios 15.3\(3\)jd5
cisco/ios 15.3\(3\)jd6
cisco/ios 15.3\(3\)jd7
cisco/ios 15.3\(3\)jd8
cisco/ios 15.3\(3\)jd9
cisco/ios 15.3\(3\)jd11
... and 40 more
Published Mar 28, 2019
Tracked Since Feb 18, 2026